open ldap configuration on rhel3-u4

Nilesh Joshi nileshnjoshi at gmail.com
Fri Aug 14 14:44:30 UTC 2009


Any idea what's wrong in the setup?

Regards,
-Nilesh

On Thu, Aug 13, 2009 at 6:36 PM, Nilesh Joshi <nileshnjoshi at gmail.com> wrote:

> Thanks Rick.
>
> I have checked using -w password. The exact command I tried was:
>
> ldapsearch -x -b "ou=people,dc=test,dc=com" -D
> "cn=nilesh,ou=people,dc=test,dc=com" -w password '(uid=nilesh)'
>
> Also added:
>         access to attrs=userPassword
>                by anonymous auth
>                by self write
>                by * none
>
> However, the result was the same. I have confirmed that the password is
> password for now.
>
> I think I am missing something in the configuration. Can I use LDAP without
> SASL and, if yes, what do I need to do?
>
> Thanks and Regards,
> -Nilesh
>
>
>
> On Thu, Aug 13, 2009 at 6:16 PM, Rick Stevens <ricks at nerd.com> wrote:
>
>>  Nilesh Joshi wrote:
>>
>>> Hi,
>>>
>>> I have installed openldap-2.0.27-23 on my server.
>>>
>>> I have configured a certificate and the path is mentioned in the slapd.conf file.
>>>
>>> I am able to create the root DN and am also able to add a user to it.
>>>
>>> When I search using cn=manager,dc=test,dc=com, it gives me correct
>>> answers.
>>> However, whenever I search using the user id, I see error 49.
>>>
>>> ldapsearch -x -b "ou=people,dc=test,dc=com" -D
>>> "cn=nilesh,ou=people,dc=test,dc=com" -W '(uid=nilesh)'
>>>
>>> In logs, I see:
>>> conn=11 fd=10 ACCEPT from IP=192.168.1.2:53115 (IP=0.0.0.0:389)
>>> conn=11 op=0 BIND dn="cn=nilesh,ou=people,dc=test,dc=com" method=128
>>> conn=11 op=0 RESULT tag=97 err=49 text=
>>> conn=11 fd=10 closed (connection lost)
>>>
>>> I would like to have OpenLDAP running without SASL.
>>>
>>> How should I configure the same? How can I fix this issue?
>>>
>>
>> Error 49 is "invalid credentials," meaning that you didn't hand the
>> ldapsearch the right password for the user you're trying to bind as.
>> Try it again, but rather than using the "-W" (interactive) flag, try:
>>
>>        -w 'your-password-here'
>>
>> If the password has shell metacharacters in it, they may be being
>> interpreted by the shell before being handed to the ldapsearch command.
>> Using the -w and the password enclosed in single quotes prevents that.
>>
>> You also have to make sure that the user you're trying to bind as has
>> access to the userPassword attribute in the slapd.conf file:
>>
>>        access to attrs=userPassword
>>                by anonymous auth
>>                by self write
>>                by * none
>>
>> ----------------------------------------------------------------------
>> - Rick Stevens, Systems Engineer                      ricks at nerd.com -
>> - AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
>> -                                                                    -
>> - I never drink water because of the disgusting things that fish do  -
>> -                                  in it.                            -
>> -                                                      -- WC. Fields -
>> ----------------------------------------------------------------------
>>
>
>
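An added example, not part of the original thread: the slapd log excerpt quoted above pairs a BIND line with its RESULT line through the conn= and op= fields, so failed simple binds (tag=97 is the bind response, err=49 is invalid credentials) can be attributed to a bind DN and client address. The sample log is constructed; its first four lines repeat the excerpt from the thread and the rest are made up, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the slapd log format quoted in the thread.
SAMPLE_LOG = """\
conn=11 fd=10 ACCEPT from IP=192.168.1.2:53115 (IP=0.0.0.0:389)
conn=11 op=0 BIND dn="cn=nilesh,ou=people,dc=test,dc=com" method=128
conn=11 op=0 RESULT tag=97 err=49 text=
conn=11 fd=10 closed (connection lost)
conn=12 fd=10 ACCEPT from IP=192.168.1.2:53116 (IP=0.0.0.0:389)
conn=12 op=0 BIND dn="cn=manager,dc=test,dc=com" method=128
conn=12 op=0 RESULT tag=97 err=0 text=
conn=13 fd=11 ACCEPT from IP=192.168.1.9:40001 (IP=0.0.0.0:389)
conn=13 op=0 BIND dn="cn=nilesh,ou=people,dc=test,dc=com" method=128
conn=13 op=0 RESULT tag=97 err=49 text=
"""

# search() is used so a syslog prefix in front of "conn=" does not matter.
ACCEPT = re.compile(r'conn=(\d+) fd=\d+ ACCEPT from IP=([\d.]+):\d+')
BIND = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)" method=(\d+)')
RESULT = re.compile(r'conn=(\d+) op=(\d+) RESULT tag=(\d+) err=(\d+)')


def failed_binds(log_text):
    """Return (client_ip, bind_dn, method) for each bind answered with err=49."""
    peers = {}    # conn id -> client IP from the ACCEPT line
    pending = {}  # (conn id, op id) -> (bind DN, auth method)
    failures = []
    for line in log_text.splitlines():
        if m := ACCEPT.search(line):
            peers[m.group(1)] = m.group(2)
        elif m := BIND.search(line):
            pending[(m.group(1), m.group(2))] = (m.group(3), int(m.group(4)))
        elif m := RESULT.search(line):
            key = (m.group(1), m.group(2))
            # tag=97: bind response; err=49: invalid credentials
            if m.group(3) == "97" and m.group(4) == "49" and key in pending:
                dn, method = pending[key]
                failures.append((peers.get(key[0], "unknown"), dn, method))
            pending.pop(key, None)
    return failures


def failures_per_dn(log_text):
    """Count err=49 binds per DN; a high count for one DN suggests guessing."""
    return Counter(dn for _, dn, _ in failed_binds(log_text))


if __name__ == "__main__":
    for ip, dn, method in failed_binds(SAMPLE_LOG):
        print(f"err=49 bind as {dn} from {ip} (method={method})")
```

method=128 in the output marks a simple (non-SASL) bind, which is the kind the thread is trying to get working.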